[solved] API user management & login

I am evaluating using Zammad as a user request management system for another little project. Accessing requests / tickets should be as easy as possible for all users.

As users are already authenticated against another system, I would like to let this system manage the users of Zammad using the API through a service account, in such a way as:

  1. Look up if a user exists (by an ID)
  2. Create a user if it does not
  3. Generate a login token which can be put into a URL which the user can click to seamlessly log in to Zammad, in order to create / review tickets over the web interface (as usual).

As you can see, I would like to avoid having e-mail addresses / passwords (or other login credentials) for the users. Users are internally identified by a unique ID (UUID).

Is this possible? Reading the API docs, items 1 and 2 shouldn’t be a problem, but what about number 3?

As far as I’m aware you cannot use something like tokens within URLs to authenticate a user.
If you’re using LDAP, you probably want to use single sign-on (see: https://github.com/zammad/zammad/issues/1192#issuecomment-309713979)

You also might think about third-party authentication like e.g. GitHub.

I ended up writing my own omniauth strategy, which verifies the token against a custom authentication server. Works like a charm.

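Added example (not the poster's code, and not part of Zammad or omniauth): one way a custom authentication server could issue and verify the kind of URL login token discussed in this thread. Because links end up in logs, browser history and referrers, the token here is HMAC-signed, short-lived and single-use. The class name `LoginTokens`, the token layout, the 60-second lifetime and the in-memory replay store are all assumptions made for illustration.

```ruby
require "openssl"
require "json"
require "securerandom"

# Hypothetical helper: the issuing system and the verifying endpoint are
# assumed to share `secret`; the token format is invented for this example.
class LoginTokens
  Rejected = Class.new(StandardError)

  def initialize(secret, ttl: 60)
    @secret = secret
    @ttl = ttl      # seconds a login link stays valid
    @used = {}      # jti => expiry; stand-in for a shared store such as a DB table
  end

  # Called by the system that has already authenticated the user (by UUID).
  def issue(uuid, now: Time.now.to_i)
    payload = JSON.generate({ "sub" => uuid, "exp" => now + @ttl, "jti" => SecureRandom.hex(16) })
    body = payload.unpack1("H*") # hex keeps the token URL-safe
    "#{body}.#{mac(body)}"
  end

  # Called by the login endpoint. Returns the UUID or raises Rejected.
  def verify!(token, now: Time.now.to_i)
    body, sig = token.to_s.split(".", 2)
    raise Rejected, "malformed" unless body && sig && body.match?(/\A(?:\h\h)+\z/)
    # Check the MAC (constant-time) before parsing anything from the payload.
    raise Rejected, "bad signature" unless OpenSSL.secure_compare(mac(body), sig)
    claims = JSON.parse([body].pack("H*"))
    raise Rejected, "expired" if now >= claims["exp"]
    @used.delete_if { |_, exp| exp <= now } # forget tokens that can no longer be replayed
    raise Rejected, "replayed" if @used.key?(claims["jti"])
    @used[claims["jti"]] = claims["exp"]
    claims["sub"]
  end

  private

  def mac(body)
    OpenSSL::HMAC.hexdigest("SHA256", @secret, body)
  end
end
```

With more than one verifier process, the replay store has to be shared and the check-and-mark step has to be atomic, otherwise the same link can be redeemed once per process.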